CVEs have been published or revised in the Security Update Guide May 2, 2025 These common vulnerabilities and exposures (CVEs) were recently published or revised in the Microsoft Security Update Guide: CVE-2025-29825 · Title: Microsoft Edge (Chromium-based) Spoofing Vulnerability · Version: 1.0 · Reason for revision: Information published. · Originally released: May 1, 2025 · Last updated: May 1, 2025 · Aggregate CVE severity rating: Low · Customer action required: Yes CVE-2025-4050 · Title: Chromium: CVE-2025-4096 Heap buffer overflow in HTML · Version: 1.0 · Reason for revision: Information published. · Originally released: May 1, 2025 · Last updated: May 1, 2025 · Aggregate CVE severity rating: · Customer action required: Yes CVE-2025-4051 · Title: Chromium: CVE-2025-4050 Out of bounds memory access in DevTools · Version: 1.0 · Reason for revision: Information published. · Originally released: May 1, 2025 · Last updated: May 1, 2025 · Aggregate CVE severity rating: · Customer action required: Yes CVE-2025-4052 · Title: Chromium: CVE-2025-4051 Insufficient data validation in DevTools · Version: 1.0 · Reason for revision: Information published. · Originally released: May 1, 2025 · Last updated: May 1, 2025 · Aggregate CVE severity rating: · Customer action required: Yes CVE-2025-4096 · Title: Chromium: CVE-2025-4052 Inappropriate implementation in DevTools · Version: 1.0 · Reason for revision: Information published. · Originally released: May 1, 2025 · Last updated: May 1, 2025 · Aggregate CVE severity rating: Customer action required: Yes
CVEs have been published or revised in the Security Update Guide May 8, 2025 These common vulnerabilities and exposures (CVEs) were recently published or revised in the Microsoft Security Update Guide: CVE-2025-29813 Title: Azure DevOps Elevation of Privilege Vulnerability Version: 1.0 Reason for revision: Information published. Originally released: May 8, 2025 Last updated: May 8, 2025 Aggregate CVE severity rating: Critical Customer action required: No CVE-2025-29827 Title: Azure Automation Elevation of Privilege Vulnerability Version: 1.0 Reason for revision: Information published. Originally released: May 8, 2025 Last updated: May 8, 2025 Aggregate CVE severity rating: Critical Customer action required: No CVE-2025-29972 Title: Azure Storage Resource Provider Spoofing Vulnerability Version: 1.0 Reason for revision: Information published. Originally released: May 8, 2025 Last updated: May 8, 2025 Aggregate CVE severity rating: Critical Customer action required: No CVE-2025-33072 Title: Microsoft msagsfeedback.azurewebsites.net Information Disclosure Vulnerability Version: 1.0 Reason for revision: Information published. Originally released: May 8, 2025 Last updated: May 8, 2025 Aggregate CVE severity rating: Critical Customer action required: No CVE-2025-47732 Title: Microsoft Dataverse Remote Code Execution Vulnerability Version: 1.0 Reason for revision: Information published. Originally released: May 8, 2025 Last updated: May 8, 2025 Aggregate CVE severity rating: Critical Customer action required: No CVE-2025-47733 Title: Microsoft Power Apps Information Disclosure Vulnerability Version: 1.0 Reason for revision: Information published. Originally released: May 8, 2025 Last updated: May 8, 2025 Aggregate CVE severity rating: Critical Customer action required: No
May 13, 2025—KB5058411 (OS Build 26100.4061) Applies To: Windows 11 version 24H2, all editions https://support.microsoft.com/en-us...100-4061-356568c2-c730-469e-819d-b680d43b1265 ------- May 13, 2025—KB5058379 (OS Builds 19044.5854 and 19045.5854) Applies To: Windows 10 Enterprise LTSC 2021 Windows 10 IoT Enterprise LTSC 2021 Windows 10, version 22H2, all editions https://support.microsoft.com/en-us...045-5854-0a30e9ee-5038-45dd-a5d7-70a8813a5e39
